Closed problemzebra2 closed 1 year ago
The document linked above is an older version. The current one has a correct XML example an can be found here: https://www.edi-energy.de/index.php?id=38&tx_bdew_bdew%5Buid%5D=1945&tx_bdew_bdew%5Baction%5D=download&tx_bdew_bdew%5Bcontroller%5D=Dokument&cHash=9979de244bba1466cc503146e765f2c3 (the error was fixed in May by the BDEW)
@sopgreg are you doing the SKI header on your own, or do you do it with the help of WSS4J?
You're right, we missed to close this one after fixing it in our implementation. Thanks for the reminder.
As mentioned in #167 the BDEW profile states that X509SKI must be used to reference the security token.
In #167
cryptParams ().setKeyIdentifierType (...);
is now using the supposedly correct value but Phase 4 still generates XML like this:But I think the profile defines that
<X509SKI>
must be used with encoded subject key identifier from the certificate extension (2.5.29.14). This is also the assumption of many market participants.Also the example XML in https://www.bundesnetzagentur.de/DE/Beschlusskammern/1_GZ/BK6-GZ/2021/BK6-21-282/Mitteilung02/AS4%20Profil.pdf?__blob=publicationFile&v=1 seems to be not matching the textual description (pages 14/15).
Is there a way that
ECryptoKeyIdentifierType.SKI_KEY_IDENTIFIER
generates<X509SKI>
?